Leaked credential on paste/sentry site

Aerodrome Finance's assessment for RD-F-164 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Cat 11: leaked credential on paste/sentry site. Paste monitoring not configured for dry-run. GitHub security_md_present: false (data cache) â€” no published security policy. No public reports of Aerodrome API key or infrastructure credential leaks. The 2025-11-21 NameSilo attack was an insider threat at the registrar, not an Aerodrome credential leak (no API key exposure was the attack vector).

Sources #

URL
NameSilo Hack Post-Mortem â€” IncryptedData cache: security_md_present: false. Incrypted post-mortem: attack was insider at NameSilo, not credential leak from Aerodrome infrastructure.retrieved 2026-05-04

Methodology #

Determine whether a public paste site, Sentry-alt, or credential-dump references protocol infrastructure endpoints or API keys.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol aerodrome factor RD-F-164 score gray collected_at 2026-05-04 19:56:03